Authentication: stuck indefinitely with the message "Obtaining session-id…"

Assuming you have done changes only for secure domain(and no other changes), try moving the guest domain virtualhost block to just before the next virtualhost(after components)

Try with internal_plain authentication instead of hashed…

Verify if all firewall ports are properly opened…

Check if prosody is listening on port 5222…

If none of those work…verify all the steps from quick install guide…

Yes, it is :slight_smile:

After testing, it does not change anything.

With this change I get the error “Incorrect username or password”.

Even if I disable the firewall (all ports open), I have the same problem :confused:

I have already scrupulously rechecked all the steps of the guide one by one, I have applied them to the letter

Does anyone have a standalone jitsi server (debian package) and a basic authentication that works as shown here?

My case has no particular specificity and I applied the instructions to the letter, I do not understand why it does not work. I have the same problem on chrome and firefox. I’m starting to suspect a bug or an error in the documentation :thinking:

This, because you have to create new users, as auth mechanism has changed. Create a new user and check…restart prosody to be safe…Btw what’s your version of prosody?

Yes, I do have a running stand-alone jitsi server, installed with quick install guide…and works as expected…

1 Like

I do:

  • Replace authentication = "internal_hashed" by authentication = "internal_plain"
  • systemctl restart prosody
  • Delete and create again my user
  • systemctl restart prosody

And i got the same error: stuck indefinitely with the message “Obtaining session-id…”


Ok…One more suggestion from me…As it is taking time to find the issue with config…maybe try with this GitHub - pregalla/jitsi: Installer for Jitsi, Jigasi, and Jibri, (if you are willing to reinstall). Uninstall and install using that…Won’t take much time…should be done under 5 minutes…

I do:

apt remove --purge jitsi-*
apt remove --purge prosody
apt autoremove
git clone
cd jitsi
chmod +x
export BEHIND_NAT="no"
export SERVER_FQDN=""
export HOST_NAME=""

Try to create a room from web client… and i get exactly the same error :confused:

The logs in the js console are the same as before:

I have the impression that the connection to the account succeeded, but that the Session ID returned is null, whereas it is indeed non-null in the prosody log!

Same error…stuck obtaining session-id? strange…works for me fine…

Prosody version changed to latest, yes?


Indeed, 0.11.9-1~buster1

Try from a different browser, in incognito mode…!
Can you create a test user and share password. You may delete after 5 minutes…Will check if it works at my end…

Are all services running…? Check with option-3…

Out of ideas now…

I already try this

Ok, i create a user test / test :slight_smile:
My instance :

Hm same on my end too…stuck obtaining session-id…

@Prashanth did you notice anything in the js console when you tested?

Hm I didn’t look at js console logs…gave it a quick test…now the password has changed…

I had deleted the test account in the meantime, I just recreated it :slight_smile:

Can you share your cfg.lua file?

Hi @elois

I do not know if it also applies to your installation but on mine with Docker it is just:

I also have:
But I think you have this one as yours displays the login screen.

For the creation ot the user, did you use: user@[XMPP_DOMAIN] or ?


Hello everyone,

Could you solve the problem?

I have the same issue after updating to version 1.0.5056-1 under ubuntu 20.04 lts.

The symptom is identical to what the thread opener described.
Like in this thread too: Stuck in "Obtaining Session-Id" after enabled Authentication

On the other hand the issue seems to describe a bug in the docker version, which is already fixed like here: Hangs on "obtaining session-id" when using authentication (stable-5765). But we have no docker working.

On github the issue were reported too (After moderator-auth hangs at "retrieve session-id" · Issue #9561 · jitsi/jitsi-meet · GitHub) but until now it seems to me the dev team only thinking about a configuration mistake.
But I’m not sure it is about a configuration problem, because my installation was running absolutely flawless until updating to current version. Or were there some changes for configuration with the update?

Maybe it is possible to think in direction of a bug?

I’m a little wondering about that this topic is not completed. Not here and not in the other threads I found.

Here is my cfg.lua

unlimited_jids = { "", "" }
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }

-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "";

turncredentials_secret = "31YQP97yzPOYFomt";

turncredentials = {
  { type = "stun", host = "", port = "3478" },
  { type = "turn", host = "", port = "3478", transport = "udp" },
  { type = "turns", host = "", port = "5349", transport = "tcp" }

cross_domain_bosh = false;
consider_bosh_secure = true;
 https_ports = { }; -- Remove this line to prevent listening on port 5284

ssl = {
  protocol = "tlsv1_2+";

VirtualHost ""
        -- enabled = false -- Remove this line to enable this host
        authentication = "internal_hashed"
--        authentication = "anonymous"
        -- Properties below are modified by jitsi-meet-tokens package config
        -- and authentication above is switched to "token"
        -- Assign this host a certificate for TLS, otherwise it would use the one
        -- set in the global section (if any).
        -- Note that old-style SSL on port 5223 only supports one certificate, and will always
        -- use the global one.
        ssl = {
                key = "/etc/prosody/certs/";
                certificate = "/etc/prosody/certs/";
        speakerstats_component = ""
        conference_duration_component = ""
        -- we need bosh
        modules_enabled = {
            "ping"; -- Enable mod_ping
	admins = { "" }
	allow_registration = false

        c2s_require_encryption = false
        lobby_muc = ""
        main_muc = ""
        -- muc_lobby_whitelist = { "" } -- Here we can whitelist jibri to enter lobby enabled rooms

Component "" "muc"
    restrict_room_creation = true
    modules_enabled = {
--        "token_verification";
--        "persist_muc_passwords";
--        "muc_config_restrict";
    admins = { "" }
--    default_storage = "memory"
--    storage = {
--	persistent_muc_passwds = "internal";
--    }
--    muc_config_restricted = {
--	"muc#roomconfig_roomsecret";
--    }
    muc_room_locking = false
    muc_room_default_public_jids = true
--    muc_room_default_persistent = true
-- internal muc component
Component "" "muc"
    storage = "memory"
    modules_enabled = {
    admins = { "", "" }
    muc_room_locking = false
    muc_room_default_public_jids = true

VirtualHost ""
    modules_enabled = { "limits_exception"; }
    ssl = {
        key = "/etc/prosody/certs/";
        certificate = "/etc/prosody/certs/";
    authentication = "internal_plain"

Component "" "client_proxy"
    target_address = ""
    component_secret = "MVKo57c5"

Component "" "speakerstats_component"
    muc_component = ""

Component "" "conference_duration_component"
    muc_component = ""

Component "" "muc"
    storage = "memory"
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true

VirtualHost ""	
    authentication = "anonymous"	
    c2s_require_encryption = false


Jicofo 2021-07-20 23:17:13.907 INFO: [40] ConferenceIqHandler.handleConferenceIq#56: Focus request for room:
Jicofo 2021-07-20 23:17:13.910 INFO: [40] AbstractAuthAuthority.createNewSession#158: Authentication session created for SID: 54ed472b-43b9-43a0-9705-58e11e765007
Jicofo 2021-07-20 23:17:13.912 INFO: [40] AbstractAuthAuthority.authenticateJidWithSession#431: Authenticated jid: with session: AuthSession[,, SID=54ed472b-43b9-43a0-9705-58e11e765007, MUID=c8cb526ab393c3e4b27531bb734981b4, LIFE_TM_SEC=0,]@1169632741
Jicofo 2021-07-20 23:17:13.912 INFO: [40] AbstractAuthAuthority.notifyUserAuthenticated#339: Jid authenticated as:
Jicofo 2021-07-20 23:17:13.933 INFO: [40] [] JitsiMeetConferenceImpl.<init>#251: Created new conference,
Jicofo 2021-07-20 23:17:13.935 INFO: [40] [] JitsiMeetConferenceImpl.joinTheRoom#433: Joining
Jicofo 2021-07-20 23:17:13.952 WARNING: [30] [room=] ChatRoomImpl.processPresence#839: Unable to handle packet: <presence to='' from='' id='7q9Xg-82' type='error'><error type='cancel'><not-allowed xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/><text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Room creation is restricted</text></error></presence>
Jicofo 2021-07-20 23:17:13.953 INFO: [40] [] JitsiMeetConferenceImpl.stop#410: Stopped.
Jicofo 2021-07-20 23:17:13.958 WARNING: [40] FocusManager.conferenceRequest#229: Exception while trying to start the conference
org.jivesoftware.smack.XMPPException$XMPPErrorException: XMPP error reply received from XMPPError: not-allowed - cancel
	at org.jivesoftware.smack.XMPPException$XMPPErrorException.ifHasErrorThenThrow(
	at org.jivesoftware.smack.StanzaCollector.nextResultOrThrow(
	at org.jivesoftware.smackx.muc.MultiUserChat.enter(
	at org.jivesoftware.smackx.muc.MultiUserChat.createOrJoin(
	at org.jivesoftware.smackx.muc.MultiUserChat.createOrJoin(
	at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.joinAs(
	at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.join(
	at org.jitsi.jicofo.JitsiMeetConferenceImpl.joinTheRoom(
	at org.jitsi.jicofo.JitsiMeetConferenceImpl.start(
	at org.jitsi.jicofo.FocusManager.conferenceRequest(
	at org.jitsi.jicofo.FocusManager.conferenceRequest(
	at org.jitsi.jicofo.FocusManager.conferenceRequest(
	at org.jitsi.jicofo.xmpp.ConferenceIqHandler.handleConferenceIq(ConferenceIqHandler.kt:65)
	at org.jitsi.jicofo.xmpp.ConferenceIqHandler.access$handleConferenceIq(ConferenceIqHandler.kt:36)
	at org.jitsi.jicofo.xmpp.ConferenceIqHandler$handleIQRequest$
	at java.base/java.util.concurrent.Executors$
	at java.base/
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(
	at java.base/java.util.concurrent.ThreadPoolExecutor$
	at java.base/


Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:51	info	Hook to muc events on
Jul 21 00:38:51	info	Hook to muc events on
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host localhost!
Jul 21 00:38:51	info	Lobby component loaded
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:51	info	Loading mod_muc_domain_mapper for host!
Jul 21 00:38:56 c2s5613d172e400	info	Client connected
Jul 21 00:38:56 c2s5613d172e400	info	Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Jul 21 00:38:56 c2s5613d172e400	info	Authenticated as
Jul 21 00:38:59 c2s5613d1d8c230	info	Client connected
Jul 21 00:38:59 c2s5613d1d8c230	info	Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Jul 21 00:38:59 c2s5613d1d8c230	info	Authenticated as
Jul 21 00:39:41 mod_bosh	info	New BOSH session, assigned it sid '11dcc6ae-93a3-4eb8-ae92-f5b569e8902d'
Jul 21 00:39:42 bosh11dcc6ae-93a3-4eb8-ae92-f5b569e8902d	info	Authenticated as
Jul 21 00:40:09 mod_bosh	info	New BOSH session, assigned it sid '88c0a99f-ed43-47d5-8ddb-8d394bbe2587'
Jul 21 00:40:10 bosh88c0a99f-ed43-47d5-8ddb-8d394bbe2587	info	Authenticated as

Thank you very much and best regards.

PS: Thank you for your great work! :slight_smile:

seeing exactly the same as @d0ntpanic

We’re using a slightly branded version of jitsi-meet and build it ourself. After updating jitsi-meet from 2.0.5870 to 2.0.5963 as well as updating the system packages coming from debian buster (prosody etc.), users are not longer able to authenticate because they are stuck at “Obtaining session-id”.

Both jicofo.log and prosody.log show exactly the same messages as posted by @d0ntpanic

experiencing the same issue.
Version: 2.0.6173-1

Version: 2.1-538-g062e9f56-1

Version: 0.11.4-1

Version: 1.0-786-1

This might help:
Open the file /etc/jitsi/jicofo/
And check if you have set the right FQDN (Fully Qualified Domain Name) in the line: